NETWORK SECURITY AND APPLICATIONS TO THE FABRIC ENVIRONMENT
Granted: March 20, 2008
Application Number:
20080072309
A method and apparatus for securing networks, focusing on application in Fibre Channel networks. A combination of unique security techniques are combined to provide overall network security. Responsibility for security in the network is assigned to one or more designated entities. The designated entities deploy management information throughout the network to enhance security by modifying the capabilities and operational permissions of the devices participating in the network. For…
METHOD AND APPARATUS FOR ESTABLISHING METAZONES ACROSS DISSIMILAR NETWORKS
Granted: September 27, 2007
Application Number:
20070223502
A system and method for creating and enforcing meta-zones that cross the interface between different network protocols are disclosed. In one embodiment, a method of enforcing meta-zones comprises: (a) receiving an Infiniband (IB) packet destined for a Fibre Channel (FC) target device; (b) comparing a partition key in the IB packet to a partition key associated with the FC target device; and (c) converting the IB packet to a FC frame only if the partition keys match. The method may…
NODE DEVICE COOPERATING WITH SWITCH WHICH IMPLEMENTS ZONES IN A FIBRE CHANNEL SYSTEM
Granted: September 13, 2007
Application Number:
20070211650
In a system comprising a first fabric and a plurality of devices coupled to the fabric by Fibre Channel connections, the devices are logically grouped to form configurations and zones. A configuration includes at least one zone, and each zone includes at least one device as a member of the zone. Communications between the devices is restricted according to the configuration currently in effect. For example, one device may be permitted to communicate with another device only if they are…
CASCADE CREDIT SHARING FOR FIBRE CHANNEL LINKS
Granted: September 6, 2007
Application Number:
20070206502
A switch having a higher speed port, one or more slower speed ports, a larger buffer memory and numerous larger counters to achieve higher speed and longer range of communication. In one embodiment a larger switch having a larger buffer memory and larger counters connects to a smaller switch having a smaller buffer memory and smaller counters, the larger switch practically expanding the buffer memory and counters in the smaller switch. A combination of several counters can also avoid…
METHOD AND APPARATUS FOR TRANSPARENT COMMUNICATION BETWEEN A FIBRE CHANNEL NETWORK AND AN INFINIBAND NETWORK
Granted: August 30, 2007
Application Number:
20070201356
A system and method for providing transparent communications between an Infiniband (IB) network and a Fibre Channel (FC) network are disclosed. One method comprises: (a) detecting FC node ports in the FC network; (b) creating virtual IB targets for each FC node port in the FC network; and (c) converting IB packets directed to the virtual IB targets into FC frames directed to the corresponding FC node port. It may further comprise intercepting management packets directed to the virtual IB…
Interface switch for use with fibre channel fabrics in storage area networks
Granted: April 26, 2007
Application Number:
20070091903
An interface switch which presents itself as switch to an enterprise fabric formed of the devices from the same manufacturer as the interface switch and that of a host or node to an enterprise fabric from a different manufacturer. This allows each enterprise fabric to remain in a higher performance operating mode. The multiplexing of multiple streams of traffic between the N_ports on the first enterprise fabric and the second enterprise fabric is accomplished by N_port Virtualization.…
SERVICE INTERFACE FOR FIBRE CHANNEL FABRIC SNAPSHOT SERVICE
Granted: November 9, 2006
Application Number:
20060253671
The snapshot capability moving into the SAN fabric and being provided as a snapshot service. A well-known address is utilized to receive snapshot commands. Each switch in the fabric connected to a host contains a front end or service interface to receive the snapshot command. Each switch of the fabric connected to a storage device used in the snapshot process contains a write interceptor module which cooperates with hardware in the switch to capture any write operations which would occur…
WRITE CAPTURE FOR FIBRE CHANNEL FABRIC SNAPSHOT SERVICE
Granted: November 2, 2006
Application Number:
20060248298
The snapshot capability moving into the SAN fabric and being provided as a snapshot service. A well-known address is utilized to receive snapshot commands. Each switch in the fabric connected to a host contains a front end or service interface to receive the snapshot command. Each switch of the fabric connected to a storage device used in the snapshot process contains a write interceptor module which cooperates with hardware in the switch to capture any write operations which would occur…
FABRIC WITH FIBRE CHANNEL FABRIC SNAPSHOT SERVICE
Granted: November 2, 2006
Application Number:
20060248299
The snapshot capability moving into the SAN fabric and being provided as a snapshot service. A well-known address is utilized to receive snapshot commands. Each switch in the fabric connected to a host contains a front end or service interface to receive the snapshot command. Each switch of the fabric connected to a storage device used in the snapshot process contains a write interceptor module which cooperates with hardware in the switch to capture any write operations which would occur…
NETWORK WITH FIBRE CHANNEL FABRIC SNAPSHOT SERVICE
Granted: November 2, 2006
Application Number:
20060248300
The snapshot capability moving into the SAN fabric and being provided as a snapshot service. A well-known address is utilized to receive snapshot commands. Each switch in the fabric connected to a host contains a front end or service interface to receive the snapshot command. Each switch of the fabric connected to a storage device used in the snapshot process contains a write interceptor module which cooperates with hardware in the switch to capture any write operations which would occur…
Apparatus and method for internet protocol data processing in a storage processing device
Granted: January 19, 2006
Application Number:
20060013222
A system including a storage processing device with an input/output module. The input/output module has port processors to receive and transmit network traffic. The input/output module also has a switch connecting the port processors. Each port processor categorizes the network traffic as fast path network traffic or control path network traffic. The switch routes fast path network traffic from an ingress port processor to a specified egress port processor. The storage processing device…
Network security and applications to the fabric environment
Granted: January 5, 2006
Application Number:
20060005233
A method and apparatus for securing networks, focusing on application in Fibre Channel networks. A combination of unique security techniques are combined to provide overall network security. Responsibility for security in the network is assigned to one or more designated entities. The designated entities deploy management information throughout the network to enhance security by modifying the capabilities and operational permissions of the devices participating in the network. For…
Secure distributed time service in the fabric environment
Granted: December 1, 2005
Application Number:
20050268091
A secure and distributed time service is discussed for use in a network. In particular, the invention relates to Fibre Channel networks and the secure distribution of time service using a push model. In order to distribute time on a push model, one entity assumes responsibility for time in the network. Other entities in the network receive periodic time updates and check the validity of their own time by gauging the elapsed time since the previous time update. The time service is secured…
Supplementary header for multifabric and high port count switch support in a fibre channel network
Granted: August 4, 2005
Application Number:
20050169311
Accordingly, there is disclosed herein an augmented Fibre Channel (FC) frame format which may provide support for multiple fabric FC networks, and may improve the performance of modularly-constructed switches. In one embodiment, the augmented FC frame format is modulated on a carrier signal and the frame includes: a start-of-frame field; a supplementary header field that follows the start-of-frame field; a frame header field that follows the supplementary header field; a cyclic…
Circuit synchronization over asynchronous links
Granted: April 28, 2005
Application Number:
20050089012
A device that synchronizes circuits over asynchronous links is disclosed. Some embodiments of the invention include a device that comprises a plurality of circuits. One of the plurality of circuits is designated as a “master” circuit. The master circuit is configured to send a first synchronization signal to one or more of the plurality of circuits, and each circuit that receives the first synchronization signal is configured to responsively send a second synchronization signal to…
Virtual channel remapping
Granted: March 24, 2005
Application Number:
20050063394
Virtual channel enabled networking devices may map frames to specific virtual channels based upon frame characteristics (e.g. destination address, class of service). Devices and methods that provide a remapping of virtual channels are disclosed. In one embodiment, a network having virtual channel remapping may include: a first set of one or more switches that each support a first number of virtual channels, and a second set of one or more switches that each support a second number of…
Time slot memory management
Granted: March 10, 2005
Application Number:
20050052920
A switch comprising front-end and back-end application specific integrated circuits (ASICs) is disclosed. Frame storage and retrieval in the switch is achieved by dividing a frame into equal sized portions that are sequentially stored in switch memory during an assigned time slot. Control logic coupled to the front-end and back-end ASICs assigns the time slot either dynamically or statically.
Fibre channel fabric copy service
Granted: November 18, 2004
Application Number:
20040230704
Copy capability moved into the SAN fabric and provided as a data mover service. A well-known address is utilized to receive copy commands from the hosts. Each switch in the fabric contains a front end or service interface. The service interface of the switch connected to the host receives the copy command and manages access control or zoning and LUN mapping. LUN mapping and zoning are based on shared databases. Maintaining single, shared databases among the switches for LUN mapping and…
Method and devices using path numbering in a fibre channel network
Granted: November 18, 2004
Application Number:
20040230860
A method for providing flexibility in configuring Fibre Channel devices for different mode of operation. The method uses Path Numbering mechanism to identify a flow path with a Fibre Channel device. The Path Number is used to associate source port and destination port to make the intermediate connection transparent for those two ports. Devices, switches, systems and networks implementing this method are also disclosed.
Extent-based fibre channel zoning in hardware
Granted: November 4, 2004
Application Number:
20040218593
The present invention provides a system and a method for filtering a plurality of frames sent between devices coupled to a fabric by Fibre Channel connections. Frames are reviewed against a set of individual frame filters. Each frame filter is associated with an action, and actions selected by filter matches are prioritized. Groups of devices are “zoned” together and frame filtering ensures that restrictions placed upon communications between devices within the same zone are…
